Skip to content Skip to navigation

Survey: Hospital IT Execs Fearful of Mobile Security Threats

August 23, 2016
by Rajiv Leventhal
| Reprints

More than eight in 10 (82 percent) hospitals surveyed by Spyglass Consulting Group expressed grave concerns about their ability to support and protect mobile devices, patient data, and the hospital’s technology infrastructure as a result of the growing threat of cybersecurity attacks.  

The Point of Care Communications for Nursing 2016 report is an outgrowth of a similar study published by Spyglass in March 2014. Content for the survey was derived from more than 100 interviews conducted over a three-month span earlier this year with IT and healthcare professionals working in hospital‐based environments.

Hospitals surveyed were concerned about personally‐owned mobile devices used by physicians and advanced practice nurses, because many end users have inadequate password protection, lack security software to thwart an attack, rely upon unsecured SMS messaging for clinical communications which often included patient health information, and widely use public Wi-Fi and cellular networks that could easily compromise their device, data and communications.

Indeed, mobile devices including smartphones and tablets can certainly introduce vulnerabilities to the hospital’s network and infrastructure through attack vectors that include malware, blastware, and ransomware. Hospitals found guilty of data breaches can be fined upwards of $1.5 million per incident and be required to notify the local media if the breach involves more than 500 patient records. Approximately 25 percent of data breaches originate from mobile devices, according to Spyglass.

Hospitals surveyed also were concerned about hospital‐owned and managed mobile devices used by nurses, ancillary healthcare professionals, and other mobile hospital workers. “Despite increased investments in mobile device management solutions and secure text messaging solutions, cybercriminals have  become  more  sophisticated  and  knowledgeable  about  the capabilities and vulnerabilities of existing security products, and the strategies and tools used by hospital IT to detect a potential intrusion,” said Gregg Malkary, founder and managing director, Spyglass Consulting Group.

What’s more, 71 percent of hospitals surveyed regard mobile communications as an emerging investment priority driven by the adoptions of new patient-centered care models and value‐based purchasing. And, 38 percent of hospitals surveyed had invested in a smartphone‐based communications platform to support clinical communications with an average size deployment of 624 devices. Fifty‐two percent of them have expanded their deployments beyond clinical messaging to support other mobile hospital workers, according to the research.



ONC National Coordinator Gets Live Look at Carequality Data Exchange

Officials from Carequality have stated that there are now more than 150,000 clinicians across 11,000 clinics and 500 hospitals live on its network. These participants are also able to share health data records with one another, regardless of technology vendor.

American Red Cross, Teladoc to Provide Telehealth Services to Disaster Victims

The American Red Cross announced a partnership with Teladoc to deliver remote medical care to communities in the United States that are significantly affected by disasters.

Report: The Business of Cybercrime in Healthcare is Growing

While stolen financial data still has a higher market value than stolen medical records, as financial data can be monetized faster, there are indications that there is ongoing development of a market for stolen medical data, according to an Intel Security McAfee Labs report.

Phishing Attack at Baystate Health Potentially Exposes Data of 13K Patients

A phishing scam at Baystate Health in Springfield, Mass. has potentially exposed the personal data of 13,000 patients, according to a privacy statement from the patient care organization and a report from MassLive.

New Use Cases Driving Growth in Health Data Exchange through Direct

In an update, DirectTrust reported significant growth in Direct exchange of health information and the number of trusted Direct addressed enabled to share personal health information (PHI) in the third quarter of 2016.

Insurers to CBO: Consider Private Insurers’ Data in Evaluations of Telemedicine

Eleven private insurers, including Aetna, Humana and Anthem, are urging the Congressional Budget Office (CBO) to consider the experience of commercial insurers when evaluating the impact of telemedicine coverage in Medicare.